With the recent wave of U.S. government declassifications of UFO files – officially referred to as UAPs (Unidentified Aerial Phenomena) – and a new Spielberg film tapping into our fascination with the unknown, the skies have never felt more mysterious. Yet, before looking up in wonder, a more grounded reality emerges: most of what we see overhead is far more explainable. Drones, for instance, are quietly reshaping our airspace – and the European Union has already put in place a comprehensive regulatory framework to govern them.

The Regulatory Framework: Two Regulations, One Clear Sky

Since 2019, two EU regulations have governed the production and operation of Unmanned Aircraft Systems (UAS) across all Member States, ending years of fragmented national rules.

Regulation (EU) 2019/945 – Manufacturing and Market Requirements

This regulation sets out the technical requirements for drones placed on the EU market, introducing a classification system based on maximum take-off mass (MTOM) and operational characteristics:

1. Class C0 – under 250g; minimal requirements, no Remote ID required
2. Class C1 – 250g to 900g; Remote ID mandatory, restrictions near populated areas
3. Class C2 – 900g to 4kg; Remote ID, low-speed mode, geofencing capability required
4. Class C3 / C4 – up to 25kg; reserved for “Specific” category operations
5. Class C5 / C6 – designed for advanced operations, including drone swarms and controlled BVLOS flights

All drones must carry CE marking confirming conformity with their class requirements. From Class C1 upwards, every drone must be equipped with Remote ID, i.e. a real-time digital identification system that continuously broadcasts the drone’s unique identifier, position, altitude, speed and the operator’s location. Think of it as a number plate for the sky.

Manufacturers not established in the EU must designate an authorised representative within the Union to ensure compliance.

Regulation (EU) 2019/947 – Operational Rules for Pilots and Operators

This regulation, developed by EASA (the European Union Aviation Safety Agency), governs how drones are actually flown, organising all operations into three categories based on risk level:

Open Category – low-risk flights requiring no prior authorisation. Operations must remain within visual line of sight (VLOS), below 120 metres, and away from gatherings of people. This category is further divided into three subcategories (A1, A2, A3) depending on the drone’s class and its proximity to uninvolved persons. Subcategory A2, for instance, requires pilots to pass a theoretical examination before operating a Class C2 drone near people.

Specific Category – medium-risk operations that generally require either an authorisation from the national competent authority or compliance with a pre-defined Standard Scenario (STS). Authorisations are based on the SORA methodology (Specific Operations Risk Assessment), which helps assess the level of risk involved and determine what safety measures are needed. Two Standard Scenarios are currently available – STS-01 (visual line of sight flights in populated areas) and STS-02 (beyond visual line of sight flights in unpopulated areas). Operators meeting all the conditions of an STS can fly under a simple declaration, without needing individual authorisation.

This category is also where BVLOS operations (Beyond Visual Line of Sight) come in – flights where the drone operates beyond the pilot’s direct visual contact. BVLOS is key to unlocking use cases like long-range infrastructure inspection, medical delivery, and large-scale surveying. These flights typically require either a SORA-based authorisation or compliance with STS-02, and the drone must be equipped with detect-and-avoid capabilities to ensure safe separation from other aircraft.

Certified Category – high-risk operations equivalent in complexity to conventional aviation. Requires full EASA certification of the drone, a formal operator approval, and a licensed pilot. Reserved for operations where a system failure could have catastrophic consequences.

Cross-Cutting Obligations

Regardless of category, all operators must:

1. Register with their national competent authority (mandatory for drones over 250g or equipped with a camera)
2. Respect UAS geographical zones defined by each Member State, covering restricted, prohibited, and conditional airspace
3. Maintain flight logs for all Specific and Certified category operations
4. Ensure adequate pilot training appropriate to the subcategory or category of operation

The U-Space: Managing the New Low-Altitude Frontier

The two regulations sit within a broader framework that includes the U-Space system, established by Regulation (EU) 2021/664. U-Space is the EU’s digital infrastructure for managing low-altitude air traffic in real time – essentially an air traffic management system for drones. It enables flight authorisation, conflict detection, real-time traffic monitoring and information sharing between operators, authorities, and conventional airspace managers.

U-Space is the critical enabler for large-scale BVLOS operations, and its progressive rollout across Member States is expected to unlock entirely new categories of drone deployment in the coming years.

Why It Matters

Together, these regulations created a single European drone market: harmonised, scalable, and built around safety. For anyone operating drones professionally in Europe, compliance is not optional – it is the foundation of lawful and sustainable operations.

So while the debate on UAPs continues across the Atlantic, Europe has already answered its own version of the question: what’s flying up there, and who’s in charge of it?

The answer, refreshingly, involves neither little green men nor government cover-ups – just well-drafted regulations and a lot of paperwork.